gozi_ifsb | 488925a89527506e1e40d24e0599e758bcf44bdd788f9da852823c27898d164e | Triage

Sharing

General

Target

c6a0000.dll
Size

227KB
Sample

220803-qnyg2acefl
MD5

f6a83fc0075e66391e5511de2fa10a05
SHA1

0711fbea9edef5179f2c7ac7f25014a127bf06eb
SHA256

488925a89527506e1e40d24e0599e758bcf44bdd788f9da852823c27898d164e
SHA512

9ad22154034414a413cd8f8f9c641a33f956ec1c733c204589dc67f0c8c8521f72a608f1ddce2ddcd4b7345faa4b9057374eb5ddfed5c7a719002486860fb9d2

Score

10^/10

gozi_ifsb 11111

Malware Config

Extracted

Family

gozi_ifsb

Botnet

11111

C2

trackin1g-protection.cdnn.mozilla.net

176.10.119.80

194.76.224.245

31.214.157.77

chnkdgpopupser.at

185.158.250.220

185.158.250.234

194.76.224.181

Attributes

base_path
/fonts/
exe_type
worker
extension
.bak
server_id
50

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  c6a0000.dll
- Size
  
  227KB
- MD5
  
  f6a83fc0075e66391e5511de2fa10a05
- SHA1
  
  0711fbea9edef5179f2c7ac7f25014a127bf06eb
- SHA256
  
  488925a89527506e1e40d24e0599e758bcf44bdd788f9da852823c27898d164e
- SHA512
  
  9ad22154034414a413cd8f8f9c641a33f956ec1c733c204589dc67f0c8c8521f72a608f1ddce2ddcd4b7345faa4b9057374eb5ddfed5c7a719002486860fb9d2
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2